Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Artem Nanavov2020-08-03 13:55:48
JSON Web Token
Artem Nanavov, 2020-08-03 13:55:48

Access/refresh token on microservice?

Hello everyone, the answer to the question is interesting: If the service that is responsible for the access / refresh token falls on the microservice, then what to do if the service fails, and how correct it is ( access / refresh token ) to be kept as a separate service

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
I
Ilya Edrets, 2020-08-10
@fertyga098

In fact, it is a common practice to separate the authorization and authentication service into a separate microservice. For example, OpenID is exactly what it was intended to be.
If the service goes down, then you have two potential problems: clients will not be able to receive new tokens, and api services will not be able to validate tokens from clients. You can't get rid of the first problem. And the second can be solved using JWT tokens, thanks to the presence of a signature, api services can validate the token on their own without contacting the authorization service.

Similar questions
O
Oleg Kolesnikov2019-01-17 22:08:13
How to implement captcha using JWT tokens? 5Reply
R
Ramil992016-09-07 23:49:11
How to use angular2-jwt? 1Reply
J
Jedi2019-02-11 02:37:45
How to competently implement JWT Token Refresh? 1Reply
D
Dmitry2019-03-29 11:36:10
Whose side is the problem with JWT authorization and CORS? 1Reply
D
dicem2021-01-09 17:02:25
How to implement token refresh on Nuxt/Vue? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question